There is, I'll have to work on the SQL statement later today for you. What's the ID of your network offering that you are using?
Thanks, Matt On 4/23/13 9:56 AM, "David Ortiz" <dpor...@outlook.com> wrote: >Matt, > That sounds like exactly what I am going for. Is there a way to >disable dns on a network/virtual router that already exists, or would I >need to do this prior to creating the zone? >Thanks, David > >> From: mathias.mull...@citrix.com >> To: users@cloudstack.apache.org >> Subject: Re: Using different DNS for guests than Virtual Router >> Date: Tue, 23 Apr 2013 16:04:02 +0000 >> >> David, >> >> I've done a lot of installs with AD. Your best bet is to just remove the >> the DNS function from the virtual router. Leave DHCP in place, don't >>have >> that be taken over by external DHCP as it will cause issues. >> >> Also tweaking the dnsmasq is a short term fix as it will only go away >>once >> the VR reboots. >> >> Once you remove DNS, you then set your public and private DNS in the >>zone >> to your active directory servers. That will automatically filter down to >> the VMs and you'll get the desired results. >> >> Hope this helps, >> Matt >> >> >> On 4/23/13 8:51 AM, "David Ortiz" <dpor...@outlook.com> wrote: >> >> >Hello Ahmad, >> > That was my initial attempt. The issue I ran into was that the >> >dnsmasq settings on the Virtual Router seem to block the traffic that >>was >> >required for the machine to join the domain. I played around with the >> >settings a little bit and was able to get it to find the domain, so I >> >would imagine that I could tweak it some more to not be an issue. >> >However, any changes I make on the virtual router only last until it is >> >restarted, so without a way to make those permanent I have to >>circumvent >> >it entirely. The blog post that Murali linked for how to set up a >> >network without DHCP and DNS seems like it was probably the correct way >> >to do it, but as far as I can tell would require me to start my zone >>from >> >scratch, so I am trying to avoid that if possible. >> >Thanks, David Ortiz >> > >> >> CC: users@cloudstack.apache.org >> >> From: aemne...@gmail.com >> >> Subject: Re: Using different DNS for guests than Virtual Router >> >> Date: Tue, 23 Apr 2013 08:49:06 -0700 >> >> To: users@cloudstack.apache.org >> >> >> >> Coming from someone that has no clue about active directory... If >>your >> >>using a basic zone, why don't you have the AD server deployed outside >>of >> >>cloudstack s control. Then point have your dns entries point to it. >>Have >> >>the default security group for guests open to the ports AD works on. >> >> >> >> Ahmad >> >> >> >> On Apr 22, 2013, at 1:42 PM, David Ortiz <dpor...@outlook.com> wrote: >> >> >> >> > Hello, >> >> > I am trying to setup a Windows AD server as a guest on my >> >>cloudstack cluster, and join my other guests to the domain it is >>serving >> >>using PowerBroker Identity Services Open. From what I am seeing, the >> >>virtual router will block me from being able to perform nslookup or >>join >> >>the domain using the domainjoin-cli command. If I modify >> >>/etc/resolv.conf to point directly at my DC as the dns server, it can >> >>join the domain without any issues. Unfortunately when I reboot, the >> >>dhcp setup with the virtual router will point it back to the virtual >> >>router as the name server. I also found that I could get nslookup >>(but >> >>not joining the domain) to work by playing with the dnsmasq.conf >> >>settings on the virtual router a little bit, which works until it is >> >>rebooted at which point they revert back to what they had been >> >>originally. Is there a way to get the virtual router to point guests >>at >> >>the domain controller as the DNS, or to set up the dnsmasq to allow >>the >> >>AD joins to occur (and make those settings persistent)? Or >> >>alternatively, would I be able to set up DHCP on the DC and just >> >>circumvent the virtual router entirely? >> >> > Thanks, >> >> > David Ortiz >> > >> >